CLAIMS

What is claimed is:

1. A method comprising:
authenticating a user of a platform during a Basic Input/Output System (BIOS) boot process;
releasing a first keying material from a token communicatively coupled to the platform in response to authenticating the user;
combining the first keying material with a second keying material internally stored within the platform in order to produce a combination key; and
using the combination key to decrypt a second BIOS area to recover a second segment of BIOS code.

2. The method of claim 1 further comprising:
continuing the BIOS boot process.

3. The method of claim 1, wherein prior to authenticating the user, the method comprises:
loading a BIOS code including a first BIOS area and a second BIOS area, the first BIOS area being an encrypted first segment of the BIOS code and the second BIOS area being an encrypted second segment of the BIOS code.

4. The method of claim 3, wherein after loading of the BIOS code, the method further comprises:
decrypting the first BIOS area to recover the first segment of the BIOS code.

5. The method of claim 1 further comprising:
unbinding keying material associated with a non-volatile storage device to access contents stored within the non-volatile storage device.

6. The method of claim 1 wherein the combination key is a value formed by performing an exclusive OR operation on both the first keying material and the second keying material.

7. The method of claim 1, wherein authentication of the user is performed through biometrics.



8. The method of claim 1, wherein the second keying material is stored within internal memory of a trusted platform module.

9. The method of claim 1, wherein the second keying material is stored within a section of access-controlled system memory of the platform.

10. The method of claim 1, wherein prior to authenticating the user, the method comprises:
loading a BIOS code including a first BIOS area being a first segment of the BIOS code encrypted using a selected keying material; and
loading an integrity metric including a hash value of an identification information of the platform.



11. The method of claim 1, wherein the identification information includes a serial number of an integrated circuit device employed within the platform.

12. An integrated circuit device comprising:
a boot block memory unit; and
a trusted platform module communicatively coupled to the boot block memory unit, the trusted platform module to produce a combination key by combining a first incoming keying material with a second keying material internally stored within the integrated circuit and to decrypt a second BIOS area to recover a second segment of BIOS code.



13. The integrated circuit device of claim 12, wherein the boot block memory unit to load a BIOS code including a first BIOS area and a second BIOS area, the first BIOS area being an encrypted first segment of the BIOS code and the second BIOS area being an encrypted second segment of the BIOS code.

14. The integrated circuit device of claim 13, wherein the trusted platform module to decrypt the first BIOS area to recover a first segment of the BIOS code.

15. A platform comprising:
an input/output control hub (ICH);
a non-volatile memory unit coupled to the ICH, the non-volatile memory unit including a BIOS code including a first BIOS area and a second BIOS area, the first BIOS area being an encrypted first segment of the BIOS code and the second BIOS area being an encrypted second segment of the BIOS code; and
a trusted platform module coupled to the ICH, the trusted platform module to produce a combination key by combining a first incoming keying material with a second keying material internally stored within the platform and to decrypt the second BIOS area to recover the second segment of BIOS code.

16. The platform of claim 15, wherein the trusted platform module to further decrypt the first BIOS area to recover the first segment of the BIOS code in a non-encrypted format.

17. The platform of claim 15 further comprising a hard disk drive coupled to the ICH.

18. The platform of claim 17, wherein the trusted platform module to further unbind keying material associated with the hard disk drive to access contents stored within the hard disk drive.

19. A program loaded into readable memory for execution by a trusted platform module of a platform, the program comprising:
code to decrypt a first Basic Input/Output System (BIOS) area to recover a first segment of BIOS code;
code to produce a combination key by combining a first incoming keying material with a second keying material internally stored within the trusted platform module; and
code to decrypt a second BIOS area to recover a second segment of the BIOS code.

20. The program of claim 19, wherein the first BIOS area is the first segment of the BIOS code encrypted with a keying material and the second BIOS area is the second segment of the BIOS code encrypted with the combination key.



21. The program of claim 19 further comprising:
code to unbind keying material associated with a non-volatile storage device for accessing contents stored within the non-volatile storage device.
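
A sketch of the key flow in claims 1, 4 and 6, added here as an illustration and not part of the patent text: the second BIOS area opens only under the XOR of the token-released and platform-stored keying material. The cipher (a SHA-256 counter keystream), the HMAC tag used to detect a wrong key, the separate first-area key, and all names and sample values are assumptions; the claims do not specify them.

```python
import hashlib
import hmac

def combine(first: bytes, second: bytes) -> bytes:
    """Claim 6: combination key = first keying material XOR second."""
    if len(first) != len(second):
        raise ValueError("keying materials differ in length")
    if not any(first):  # an all-zero token value would leave the stored value as the key
        raise ValueError("token keying material is all zero")
    return bytes(a ^ b for a, b in zip(first, second))

def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC keys derived from one keying material.
    return hashlib.sha256(label + key).digest()

def _xor_stream(key: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): SHA-256 counter-mode keystream.
    blocks = (len(data) + 31) // 32
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal_area(key: bytes, segment: bytes) -> bytes:
    """Encrypt a BIOS segment and prepend an HMAC tag (the tag is an assumption)."""
    ct = _xor_stream(_subkey(key, b"enc"), segment)
    return hmac.new(_subkey(key, b"mac"), ct, hashlib.sha256).digest() + ct

def open_area(key: bytes, area: bytes) -> bytes:
    """Check the tag, then decrypt; a wrong key is rejected instead of yielding garbage."""
    tag, ct = area[:32], area[32:]
    want = hmac.new(_subkey(key, b"mac"), ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("BIOS area did not decrypt under this key")
    return _xor_stream(_subkey(key, b"enc"), ct)

def boot(first_area, second_area, first_key, stored_key, token_key):
    first_segment = open_area(first_key, first_area)      # claim 4
    combo = combine(token_key, stored_key)                # claims 1 and 6
    return first_segment, open_area(combo, second_area)   # claim 1, final step

# Constructed sample values, not taken from the patent.
FIRST_KEY = hashlib.sha256(b"constructed first-area key").digest()
STORED_KEY = hashlib.sha256(b"constructed stored keying material").digest()
TOKEN_KEY = hashlib.sha256(b"constructed token keying material").digest()
AREA1 = seal_area(FIRST_KEY, b"early init code")
AREA2 = seal_area(combine(TOKEN_KEY, STORED_KEY), b"remaining BIOS code")

if __name__ == "__main__":
    print(boot(AREA1, AREA2, FIRST_KEY, STORED_KEY, TOKEN_KEY))
```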